Project description:Authentication is essential for the prevention of various types of attacks in fog/edge computing. Therefore, a novel mode-based hash chain for secure mutual authentication is necessary to address the Internet of Things (IoT) devices' vulnerability, as there have been several years of growing concerns regarding their security. Therefore, a novel model is designed that is stronger and effective against any kind of unauthorized attack, as IoT devices' vulnerability is on the rise due to the mass production of IoT devices (embedded processors, camera, sensors, etc.), which ignore the basic security requirements (passwords, secure communication), making them vulnerable and easily accessible. Furthermore, crackable passwords indicate that the security measures taken are insufficient. As per the recent studies, several applications regarding its requirements are the IoT distributed denial of service attack (IDDOS), micro-cloud, secure university, Secure Industry 4.0, secure government, secure country, etc. The problem statement is formulated as the "design and implementation of dynamically interconnecting fog servers and edge devices using the mode-based hash chain for secure mutual authentication protocol", which is stated to be an NP-complete problem. The hash-chain fog/edge implementation using timestamps, mode-based hash chaining, the zero-knowledge proof property, a distributed database/blockchain, and cryptography techniques can be utilized to establish the connection of smart devices in large numbers securely. The hash-chain fog/edge uses blockchain for identity management only, which is used to store the public keys in distributed ledger form, and all these keys are immutable. In addition, it has no overhead and is highly secure as it performs fewer calculations and requires minimum infrastructure. Therefore, we designed the hash-chain fog/edge (HCFE) protocol, which provides a novel mutual authentication scheme for effective session key agreement (using ZKP properties) with secure protocol communications. The experiment outcomes proved that the hash-chain fog/edge is more efficient at interconnecting various devices and competed favorably in the benchmark comparison.

Project description:The Fifth Generation (5G) cellular network can be considered the way to the ubiquitous Internet and pervasive paradigm.The Internet of Vehicles (IoV) uses the network infrastructure to allow cars to be connected to new radio technologies, and can be supported by 5G networks. In this way, the Vehicle-to-Everything (V2X) integration needs 5G connections unavoidably. This paper presents a 5G V2X ecosystem to provide IoV. The proposed ecosystem is based on the Software-Defined Networking (SDN) concept. Considering vehicles as entertainment consumer points, the network infrastructure must be huge enough to guarantee delivery and quality. For this purpose, this paper evaluates vehicular Internet-based video services traffic and Vehicle-to-Vehicle (V2V) communications in urban and rural scenarios. Simulations were performed through the Network Simulator ns-3, employing millimeter Wave (mmWave) communications. Three metrics, data transfer rate, transmission delay, and Packet Delivery Ratio (PDR), were analyzed and compared for rural and urban IoV scenarios. The results have shown satisfactory performance to the IoV communications requirements when adopting the 5G network with V2X communications.

Project description:We present a novel biometric authentication system enabled by ratiometric analysis of impedance of fingers. In comparison to the traditional biometrics that relies on acquired images of structural information of physiological characteristics, our biological impedance approach not only eliminates any practical means of making fake copies of the relevant physiological traits but also provides reliable features of biometrics using the ratiometric impedance of fingers. This study shows that the ratiometric features of the impedance of fingers in 10 different pairs using 5 electrodes at the fingertips can reduce the variation due to undesirable factors such as temperature and day-to-day physiological variations. By calculating the ratio of impedances, the difference between individual subjects was amplified and the spectral patterns were diversified. Overall, our ratiometric analysis of impedance improved the classification accuracy of 41 subjects and reduced the error rate of classification from 29.32% to 5.86% (by a factor of 5).

Project description:This paper analyzes two business practices on the mobile internet market, paid prioritization and zero-rating. These practices allow the internet service provider to discriminate different content types. With prioritization, the ISP delivers content at different speeds; with zero-rating, the ISP charges different prices. In recent years these practices have attracted considerable media attention and regulatory interest. When the asymmetry between content providers is limited, in particular with regard to their ability to attract traffic or to monetize it, we first show that the ISP can extract more surplus from consumers by privileging the relatively weaker content and restoring symmetry between content providers. Next, we show that the ISP chooses prioritization when traffic is highly valuable for content providers and congestion is severe, and zero-rating in all other cases. Finally, we find that a policy banning prioritization can lead to zero-rating and a reduction in consumer surplus.

Project description:The authentication key agreement is a scheme that generates a session key for encrypted communication between two participants. In the authentication key agreement, to provide the mutual authentication and the robust session key agreement is one of the important security requirements to enhance the security performance of key agreement. Recently Zhou et al. had proposed the key agreement protocol using pseudo-identifiers, but we found that there were weaknesses in their protocol. We have demonstrated that Zhou et al.'s protocol is vulnerable to replay attack, fails to provide mutual authentication, no key control, re-registration with the original identifier and efficiency in the verification of wrong password. We improved their scheme and proposed an improved authentication key agreement protocol that provides robust mutual authentication and the secure session key agreement. We analyzed its security performance using BAN logic and AVISPA tools and compared computational cost, communication overhead and security properties with other related schemes.

Project description:Internet of Vehicles (IoV) is a hot research niche exploiting the synergy between Cooperative Intelligent Transportation Systems (C-ITS) and the Internet of Things (IoT), which can greatly benefit of the upcoming development of 5G technologies. The variety of end-devices, applications, and Radio Access Technologies (RATs) in IoV calls for new networking schemes that assure the Quality of Service (QoS) demanded by the users. To this end, network slicing techniques enable traffic differentiation with the aim of ensuring flow isolation, resource assignment, and network scalability. This work fills the gap of 5G network slicing for IoV and validates it in a realistic vehicular scenario. It offers an accurate bandwidth control with a full flow-isolation, which is essential for vehicular critical systems. The development is based on a distributed Multi-Access Edge Computing (MEC) architecture, which provides flexibility for the dynamic placement of the Virtualized Network Functions (VNFs) in charge of managing network traffic. The solution is able to integrate heterogeneous radio technologies such as cellular networks and specific IoT communications with potential in the vehicular sector, creating isolated network slices without risking the Core Network (CN) scalability. The validation results demonstrate the framework capabilities of short and predictable slice-creation time, performance/QoS assurance and service scalability of up to one million connected devices.

Project description:One of the significant challenges in the Internet of Things (IoT) is the provisioning of guaranteed security and privacy, considering the fact that IoT devices are resource-limited. Oftentimes, in IoT applications, remote users need to obtain real-time data, with guaranteed security and privacy, from resource-limited network nodes through the public Internet. For this purpose, the users need to establish a secure link with the network nodes. Though the IPv6 over low-power wireless personal area networks (6LoWPAN) adaptation layer standard offers IPv6 compatibility for resource-limited wireless networks, the fundamental 6LoWPAN structure ignores security and privacy characteristics. Thus, there is a pressing need to design a resource-efficient authenticated key exchange (AKE) scheme for ensuring secure communication in 6LoWPAN-based resource-limited networks. This paper proposes a resource-efficient secure remote user authentication scheme for 6LoWPAN-based IoT networks, called SRUA-IoT. SRUA-IoT achieves the authentication of remote users and enables the users and network entities to establish private session keys between themselves for indecipherable communication. To this end, SRUA-IoT uses a secure hash algorithm, exclusive-OR operation, and symmetric encryption primitive. We prove through informal security analysis that SRUA-IoT is secured against a variety of malicious attacks. We also prove the security strength of SRUA-IoT through formal security analysis conducted by employing the random oracle model. Additionally, we prove through Scyther-based validation that SRUA-IoT is resilient against various attacks. Likewise, we demonstrate that SRUA-IoT reduces the computational cost of the nodes and communication overheads of the network.

Project description:Aerial ad-hoc networks have the potential to enable smart services while maintaining communication between the ground system and unmanned aerial vehicles (UAV). Previous research has focused on enabling aerial data-centric smart services while integrating the benefits of aerial objects such as UAVs in hostile and non-hostile environments. Quality of service (QoS) provisioning in UAV-assisted communication is a challenging research theme in aerial ad-hoc networks environments. Literature on aerial ad hoc networks lacks cooperative service-oriented modeling for distributed network environments, relying on costly static base station-oriented centralized network environments. Towards this end, this paper proposes a quality of service provisioning framework for a UAV-assisted aerial ad hoc network environment (QSPU) focusing on reliable aerial communication. The UAV's aerial mobility and service parameters are modelled considering highly dynamic aerial ad-hoc environments. UAV-centric mobility models are utilized to develop a complete aerial routing framework. A comparative performance evaluation demonstrates the benefits of the proposed aerial communication framework. It is evident that QSPU outperforms the state-of-the-art techniques in terms of a number of service-oriented performance metrics in a UAV-assisted aerial ad-hoc network environment.

Project description:BACKGROUND: Assessing the effectiveness of quality improvement curricula is important to improving this area of resident education. OBJECTIVE: To assess the ability of the Quality Improvement Knowledge Application Tool (QIKAT) to differentiate between residents who were provided instruction in QI and those who were not, when scored by individuals not involved in designing the QIKAT, its scoring rubric, or QI curriculum instruction. METHODS: The QIKAT and a 9-item self-assessment of QI proficiency were administered to an intervention and a control group. The intervention was a longitudinal curriculum consisting of 8 hours of didactic QI training and 6 workshops providing just-in-time training for resident QI projects. Two uninvolved faculty scored the QIKAT. RESULTS: A total of 33 residents in the intervention group and 27 in the control group completed the baseline and postcurriculum QIKAT and self-assessment. QIKAT mean intervention group scores were significantly higher than mean control group scores postcurriculum (P < .001). Absolute QIKAT differences were small (of 15 points, intervention group improved from a mean score of 12.8 to 13.2). Interrater agreement as measured by kappa test was low (0.09). Baseline self-assessment showed no differences, and after instruction, the intervention group felt more proficient in QI knowledge than controls in 4 of 9 domains tested. CONCLUSIONS: The QIKAT detected a statistically significant improvement postintervention, but the absolute differences were small. Self-reported gain in QI knowledge and proficiency agreed with the results of the QIKAT. However, QIKAT limitations include poor interrater agreement and a scoring rubric that lacks specificity. Programs considering using QIKAT to assess curricula should understand these limitations.

Project description:Zero-knowledge proof (ZKP) is a fundamental cryptographic primitive that allows a prover to convince a verifier of the validity of a statement without leaking any further information. As an efficient variant of ZKP, noninteractive zero-knowledge proof (NIZKP) adopting the Fiat-Shamir heuristic is essential to a wide spectrum of applications, such as federated learning, blockchain, and social networks. However, the heuristic is typically built upon the random oracle model that makes ideal assumptions about hash functions, which does not hold in reality and thus undermines the security of the protocol. Here, we present a quantum solution to the problem. Instead of resorting to a random oracle model, we implement a quantum randomness service. This service generates random numbers certified by the loophole-free Bell test and delivers them with postquantum cryptography (PQC) authentication. By employing this service, we conceive and implement NIZKP of the three-coloring problem. By bridging together three prominent research themes, quantum nonlocality, PQC, and ZKP, we anticipate this work to inspire more innovative applications that combine quantum information science and the cryptography field.